Red Hat Bugzilla – Bug 625399
remmina exposes passwords to "ps"
Last modified: 2010-10-30 20:46:34 EDT
Description of problem:
says it all really. remmina uses the "-pPASSWORD" option in rdesktop instead of using "-p -" and passing the password on stdout - as tsclient does
Version-Release number of selected component (if applicable):
connect to a RDP client and then run "ps aux|grep rdesktop" in a terminal
Steps to Reproduce:
Thanks for your bug report. I have forwarded it to the upstream bug tracker at
Nevertheless I'll leave this one open until the problem is resolved.
Upstream has decided to not fix the issue as they have switched to freerdp now. I will try to bring the new version to Fedora soon.
Are you sure it's still a problem?
I'm now running F13, and "ps" shows
rdesktop -u user-name -d dom -p XXXXXXXXXXXXXX -a 24
...instead of the password. Maybe something changed in rdesktop to hide the password string?
This is with
Confirmed, same behavior on Fedora 14, versions of the packages are the same.
I know for sure that remmina has not changed and according to the changelog rdesktop has not changed ether. Anyway, the issue is fixed (I never verified it actually existed, I just relied on the bug report).